Filtered by vendor Radare
Subscribe
Total
134 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15931 | 1 Radare | 1 Radare2 | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems. | |||||
| CVE-2017-15385 | 1 Radare | 1 Radare2 | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 invalid write and application crash) or possibly have unspecified other impact via a crafted ELF file. | |||||
| CVE-2017-9949 | 1 Radare | 1 Radare2 | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. | |||||
| CVE-2017-6319 | 1 Radare | 1 Radare2 | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | |||||
| CVE-2024-26475 | 1 Radare | 1 Radare2 | 2025-03-27 | N/A | 5.5 MEDIUM |
| An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function. | |||||
| CVE-2018-14015 | 1 Radare | 1 Radare2 | 2025-03-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input validation in r_bin_dwarf_parse_comp_unit in libr/bin/dwarf.c. | |||||
| CVE-2023-27114 | 1 Radare | 1 Radare2 | 2025-02-28 | N/A | 5.5 MEDIUM |
| radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c. | |||||
| CVE-2023-5686 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | N/A | 8.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | |||||
| CVE-2023-4322 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | |||||
| CVE-2023-47016 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h. | |||||
| CVE-2023-46570 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h. | |||||
| CVE-2023-46569 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. | |||||
| CVE-2023-1605 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. | |||||
| CVE-2023-0302 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.8 HIGH |
| Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. | |||||
| CVE-2022-4843 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. | |||||
| CVE-2022-4398 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.8 HIGH |
| Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. | |||||
| CVE-2022-34520 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 5.5 MEDIUM |
| Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file. | |||||
| CVE-2022-34502 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 5.5 MEDIUM |
| Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file. | |||||
| CVE-2022-28073 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0. | |||||
| CVE-2022-28072 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 7.5 HIGH |
| A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0. | |||||